Hi. On Wed, Nov 14, 2018 at 05:03:53PM -0500, Lee wrote: > > b) You do not keep a single backup. > > > > Besides, avoiding all those cryptolockers is easy. You just need to > > learn to distinguish a trusted software from the untrusted. A trusted > > software comes to you with your OS (in this case - Debian main archive). > > An untrusted software comes from elsewhere. Keep to a trusted software > > and you'll be fine. > > Most probably. But I think using Firefox comes with a certain amount > of risk - probably not all that much on debian but still a risk; as > does having an all-the-time online backup.
Using any browser comes with the same amount of risk, in fact. But if the regular user cannot overwrite the backups - there's little harm in that. > > Avoiding human mistakes is impossible indeed, hence the backups. And > > filesystem snapshots, but that's a different matter. > > > > > >> > And, I'm strong believer of 'machine works, human thinks' principle. > >> > Automating backups to NFS (and replicating them from there) is simple. > >> > Automating backup to USB drive - that's something that cannot be done > >> > without human intervention. > >> > > >> >> In other words, what am I missing? > > > > A good backup is run by cron. A bad backup is run manually. > > Simple as that. > > How do you check that your cron backups worked? Which is assuming you > do check :) > The manual backups I do are fast enough that I can watch and see that > nothing went wrong. Cron can and will send a e-mail to a pre-determined address, if a batch job writes something to stdout/stderr. So then you do a backup, you have two choices: a) Log all and everything, and get your e-mail every day. b) Log errors only and get your e-mail only if something goes wrong. I prefer the latter, but YMMV. Reco